Overview

Targeted attacks continue to grow at an exponential pace, with the majority of attacks using application-level vectors to gain the first intrusion to a network. Malware of this type shares a common denominator: code that is traveling in and out of the network. The code is hiding or encrypted deep in the data streams of common applications such as Microsoft Office and Adobe Acrobat, where no one is looking for it.

The code is then executed, launching the attack by exploiting vulnerabilities inside the applications. Most anti-malware solutions are based on dynamic analysis and focus on identifying suspicious behavior. This method requires actually opening the object to be analyzed in the exact target environment. Once opened, the malicious code takes control and evasion is just one step away.

Introducingthe SoleGATE Platform

Solebit SoleGATE platform uses an innovative non-behavioral and conclusive approach to cybersecurity protection.Solebit’s patent-pending DvC technology detects hidden code within data objects, regardless of the data object type and what the code looks like, then blocks the data object from entering the organization.If a stream includes code, it stays out. Period.

Detect any code, anywhere

Whenever there are hidden codes, encrypted and polymorphic payloads, shellcodes or other commands buried in files, SoleGATE finds them. Every time. SoleGATE does not need to open or execute the files in order to identify the hidden code. It does not rely on any signatures or external sources (such as blacklists, external inputs etc.)

Implement & operate without cyber-experts

The system does not require cybersecurity experts to implement and operate the system. Once deployed, SoleGATE Platform does not require signature updates, connectivity to Internet or other data repositories.

Eliminate Guess Work

SoleGATE does not attempt to deduce from the file’s behavior whether it is “malicious” or not – a method which often provides inconclusive results. If a stream or file includes code, SoleGATE keeps it out.

Rapid Deployment

SoleGATE is a virtual appliance installed on premise or on the cloud, hence does not require dedicated hardware for installation. Since it is platform independent, no complicated configuration process is required and the system can be up and running within hours of installation.

Provide conslusive results only

SoleGATE uses the DvC static analysis method which returns only conclusive results (“Code detected” or “Clean”) and does so rapidly, thus enables the customer to achieve real prevention by blocking malicious files or streams without any impact on performance and user experience.

Provide Wide Coverage

SoleGATE provides the widest coverage regardless of the customer’s Operating System (Windows, Linux), whether it is a 32bit or 64bit and no matter the type and version of the client side application.

Extremely fast

SoleGATE handles multiple files per second, allowing organizations to process large volumes of data without latency and without causing human-related bottlenecks and queues.

SoleGATE Email Protector

SoleGATE Email Protector is a virtual appliance, installed on cloud or on-premises, that detects and prevents cyber-attacks over the email attack vector, before they even enter the organization’s internal networks. One of the SoleGATE Protection Platform modules, SoleGATE Email Protector powered is by Solebit DvC Engine, uses patent-pending static analysis technology to inspect the email traffic for hidden code inside data objects, providing a conclusive result for each scanned email.

Real time prevention

Deployment options

SoleGATE Email Protector can be deployed in Prevention mode as an MTA or in Detection-Only mode using Mirror Port or auto BCC. Typical deployment examples include: Deployment on premises or on cloud between Mail Relay (anti-spam) and Mail Server:

Deployment for Microsoft 365 Customers

Deployment for Google Apps Customers

Wide coverage

SoleGATE Email Protector provides the widest coverage, regardless of the customer Operating System is (Windows, Linux) whether it is 32bit or 64bit and no matter what is the type and version of the client side application.

Ease of use

Once deployed SoleGATE scans all incoming emails. Results are conclusive and malicious files are detected and blocked automatically. With a false positive rate of less than 0.00002% SoleGATE requires practically no human intervention.

Fully customizable notifications

SoleGATE Email Protector integrates with SIEM solutions (using syslog based notification) and enables to send customized email-based notifications to the blocked email’s recipients and to the SOC personnel.

Quarantine

Detected emails are stored in a quarantine, enabling the SOC to download and further investigate (if required), and to release emails to the original recipients when necessary.

Intuitive user interface

SoleGATE Email Protector dashboard contains the summary of events / alerts and allows to generate report in order to obtain to get useful and relevant insights.

SoleGATE Email Protector is the only solution that providesreal time prevention from unknown threats.